<%
UserName = Request.Form("username")
Password = Request.Form("password")
'grab the form contents
Set MyConn=Server.CreateObject("ADODB.Connection")
MyConn.Open "your connection string here"
SQL = "Select * From tblLogin"
Set RS = MyConn.Execute(SQL)
If UserName = RS("UserName") AND Password = RS("Password") Then
'if there is a match then show the page
%>
Put the contents of your page here.
<%
Else
Response.Redirect "http://www.yourdomain.com/login.asp"
RS.Close
MyConn.Close
Set RS = Nothing
Set MyConn = Nothing
End If
%>
'if there was no match then make the visitor try again to login.
</BODY>
</HTML>
把含上述代码的文件命名为login.asp
最后,把下面的三行代码加入需要保护的页面的最前面中。不要把它加到第二页的代码中。
<%@ Language=VBScript %>
<% Response.Buffer = True %>
<% If session("allow") = False Then Response.Redirect "main.asp" %>